ZDNet reported recently an update to the shortening of HTTPS certificates enforced by web browsers. What does it mean for you and for the internet?
If you make an internet call from Sydney to Texas, a technology called Border Gateway Protocol, or BGP for short, will ensure that your computer will find your friend in Texas. Just like people have to go through a border gate (or customs if you are at the airport) to enter another country, internet users have to go through a gate to access anything on the internet in another country. Internet users have unknowingly used BGP for over 30 years. The problem is that this old technology leaves the border gate wide open for a special kind of cyberattack.
Two stories in as many weeks have flushed out some of the management problems Microsoft has with the management of its vast IT inventory - DNS and SSL.
Let me assume your question is about the impact on IT users. If you want to think about cryptography as a mechanism to achieve a business / user value, you can see it as a means to extend “trusted environment”.
Let me start with a question - why do banks believe that 4 digit PIN on your credit card is secure when a random guess have a chance of 1 in 10,000 to be correct. Does 3496 sound that much more secure than “password123” ?
What is KeyChest and its spot check good for?
You may ask why you need another tool, when there's SSL Labs auditing tool, which tells you all you need about the security of your website. The answer is simple, KeyChest is much more about keeping your servers available than secure. You can only do a thorough security audit on servers, which have been configured and use the certificate you want.
KeyChest.net is about keeping your business up and running. It may be prudent to reach A+ rating at SSL Labs in April, but it doesn't help if your customers can't access your online store in July.
KeyChest gives you all the information you need to keep your servers' SSL certificates up to date. It allows you to plan certificate renewals and tells you when something broke and needs a closer look. This protects you from downtimes as you can plan certificate renewals with enough to resolve any potential problems. Spot checks of KeyChest also help you set up your servers so that your users, customers, and clients can use them and connect to them reliably as we detect issues that may cause random unexpected problems to access your web services.
KeyChest features a powerful Dashboard with details of all your certificates in one place. Dashboard tables list relevant issues, from DNS lookup errors, incomplete trust chains, or certificate expiration dates.
If you just want to keep an eye on your administrators, KeyChest will send you a brief email with all the important metrics.
We also want to show you who issued your certificate and how to save money on the next one. Make you aware of any new certificates issued for any of your servers. One of the main extensions would be integration of reminders into your calendar.
The biggest problem of the security of your servers is that you need to create a new key and certificate. It can be every three months, or once in 2-3 years. The harsh reality is that if you don't do it, your online business will simply grind to halt.